<?php
include("../../tools/session.php");
include("../../tools/controls.php");

// 如果登录失败、无权限访问，那么采取相应措施
if (!($is_login_success === true)) { session_hop_page("../index.php"); exit(); }
if (!power_check(0)) { include("tpl-inc-wp.php"); $tpl->display($oa_tpl_path . "/no-power.html"); exit(); }

/*-- 以下是实际内容 --*/
$page_status = $_POST["page_status"];
// $page_status = $_GET["page_status"];

// 如果状态 $page_status 为空，那么载入默认页面
if (!$page_status)
{
   include("tpl-inc-wp.php");
   include("../../tools/mysql.php");
   db_connect();
   
   $tpl_id = $_GET["tpl_id"];
   $sql = "SELECT type FROM doc_tpl WHERE tpl_id=" . $tpl_id;
   $tpl_type = db_query_once_value($sql, "type");
   
   if (empty($tpl_id))
	 {
		echo "抱歉，参数不足，无法显示页面！";
	 }
   else
	 {
		$sql = "SELECT zh_name, name, template, type FROM view_doc_tpl WHERE tpl_id=" . $tpl_id;
		$re = db_query_once($sql);
		
		$master_path = $_SESSION["master"]["company_name"] . " -> " . $_SESSION["master"]["section_name"] . " -> " . $_SESSION["master"]["username"];

		$tpl->assign("session_id", $_SESSION["user"]["id"]);
		$tpl->assign("is_master", $_SESSION["user"]["is_master"]);
		$tpl->assign("doc_to", $_SESSION["master"]["id"]);
		$tpl->assign("master_path", $master_path);
		$tpl->assign("tpl_id", $tpl_id);
		$tpl->assign("class_name", $re["zh_name"]);
		$tpl->assign("tpl_name", $re["name"]);
		$tpl->assign("tpl_type", $tpl_type);
		
		$tpl->display($oa_tpl_path . "/default/new_app2.html");
	 }
}
// 表单：
// 如果状态为 1，那么输出解析公文模板后的 XML 页面
elseif ($page_status == 1)
{
   include("../../tools/mysql.php");
   db_connect();
   
   $tpl_id = $_POST["tpl_id"];
   // $tpl_id = 8;
   
   header("content-type: text/xml");
   echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
   echo "<doctpl>\n";
   
   $sql = "SELECT template FROM view_doc_tpl WHERE tpl_id=" . $tpl_id;
   $re = db_query_once($sql);

   echo "<template><![CDATA[" . $re["template"] . "]]></template>\n";
   echo "<opts>\n";

   $sql2 = "SELECT name, type, sizeX, sizeY, options FROM doc_tpl_pars WHERE tpl_id=" . $tpl_id;
   $re2 = db_query($sql2);
   foreach($re2 as $v)
	 {
		echo "<item>\n";
		echo "<name>" . $v["name"] . "</name>\n";
		echo "<type>" . $v["type"] . "</type>\n";
		echo "<size_x>" . $v["sizeX"] . "</size_x>\n";
		echo "<size_y>" . $v["sizeY"] . "</size_y>\n";
		echo "<options><![CDATA[" . $v["options"] . "]]></options>\n";
		echo "</item>\n";
	 }
   
   echo "</opts>\n";
   echo "</doctpl>\n";
}
// 表单：   
// 如果 $page_status 为 2，那么是数据提交
elseif ($page_status == 2)
{
   $alert_str = array("Success: 数据提交成功！", "Failure: 数据提交失败！");
   
   $tpl_id = $_POST["tpl_id"];
   $from_id = $_POST["from_id"];
   $to_id = $_POST["to_id"];
   $title = trim(mysql_escape_string($_POST["title"]));
   $title = ($title == "") ? "无标题" : $title;
   $content = mysql_escape_string($_POST["content"]);
   $instancy = $_POST["instancy"];
   $accessory = $_POST["accessory"];
   $is_sent = $_POST["is_sent"];
   $is_sent = ($is_sent === "" ? 1 : $is_sent);
   
   include("../../tools/mysql.php");
   db_connect();
   
   $sql = "INSERT INTO document(tpl_id, from_id, title, content, instancy, is_sent, accessory, apply_time) ";
   $sql .= " VALUES('" . $tpl_id . "', '" . $from_id . "', '" . $title . "', '" . $content . "', '" . $instancy . "', '" . $is_sent . "', '" . $accessory . "', NOW())";
   $re = db_exec($sql);
   
   $doc_id_array = db_query_once("SELECT LAST_INSERT_ID() doc_id");
   $doc_id = $doc_id_array["doc_id"];
   
   $sql2 = "INSERT INTO doc_exam(doc_id, handout_id, exam_level, has_examed) ";
   $sql2 .= " VALUES(" . $doc_id . ", " . $to_id . ", 1, 0)";
   $re2 = db_exec($sql2);
   
   echo (($re && $re2) ? $alert_str[0] : $alert_str[1]);
}
// 表单：   
// 如果 $page_status 为 3，那么删除附件
elseif ($page_status == 3)
{
   $acc = $_POST["acc"];
   $acc_names = explode("/", $acc);
   $acc_name = $acc_names[count($acc_names) - 1];
   $alert_str = array("删除附件 " . $acc_name . " 成功！", "删除附件 " . $acc_name . " 失败！");
   echo (unlink($acc) ? $alert_str[0] : $alert_str[1]);
}
// FCKeditor 编辑：
// 如果状态为 4，那么输出解析公文模板后的 XML 页面
elseif ($page_status == 4)
{
   include("../../tools/mysql.php");
   db_connect();
   
   $tpl_id = $_POST["tpl_id"];
   // $tpl_id = 5;
   
   header("content-type: text/xml");
   echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
   echo "<doctpl>\n";
   
   $sql = "SELECT template FROM view_doc_tpl WHERE tpl_id=" . $tpl_id;
   $re = db_query_once($sql);
   
   echo "<template><![CDATA[" . $re["template"] . "]]></template>\n";
   echo "</doctpl>\n";    
}

?>
